Re: Perimeter Firewall/UTM Suggestions?



In article <paul-CB0620.12381018082007@xxxxxxxxxxxxxxxxxx>,
Paul Hutchings <paul@xxxxxxxxxxx> wrote:
I'm looking for a device to put at the edge of our network.

I would want it to do the following:

Act as a basic source/dest/protocol/action firewall to allow packets in
and out to/from our servers.
Have a minimum of 2 DMZ ports.
Allow the internal and DMZ interfaces to work in either NAT or Route
mode (selectable per interface).
Have some sort of URL filtering via an external database i.e.
Surfcontrol CPA/ISS
Have the means to add/exclude entire domains from this filtering.
Some level of IDS.
A/V would be nice but not essential.
Hardware appliance.
[.]
Juniper SSG 140
Sonicwall 2040 and 3060
Checkpoint VPN-1 Edge
ISS Proventia MX1004

My vote would go with Juniper, meets all the above criteria.
I have over 28 firewalls in production from SSG5 to ISG1000.

Juniper docs...
http://www.juniper.net/techpubs/software/screenos/screenos5.4.0/index.html

Might also check out the Juniper forums..
http://www.juniperforum.com/
https://communities.juniper.net/

-alan
.